As legislators and regulators highlight the
threat of cyber-spies exploiting computer and network security weaknesses to
attack the U.S. electrical grid, there may be an opportunity for
reseller solution providers to help protect it.
This week the Wall Street Journal reported that cyber-spies from China, Russia and other countries have penetrated the U.S. electrical grid and left behind software programs
that could be used to exploit the system. It sounds like a plot line from the
television show "24," but security experts view it as a real threat.
And the idea of modernizing U.S. infrastructure, including its IT systems, has been
gaining momentum for months as President Barack Obama has made it first a
rallying cry for his presidential campaign and then a focus of his
administration.
While funds from the economic stimulus package have not specifically been
earmarked for modernizing IT systems at utility companies, the push to make
that happen will only get stronger now as lawmakers focus on the ongoing threat
to national security.
IT market research company Gartner has identified IT spending by utilities as
one of the few pockets of opportunity in 2009.
And those targeting the security space agree that utilities are ready for a
major security upgrade.
"Certainly there will be opportunity that comes along for big companies
and little companies," says Andy Klein, a senior product manager at
SonicWall. SonicWall provides unified threat management to a range of companies
through its 100 percent channel sales organization. "Security has to be a
critical ingredient of that."
Klein says the question arises of how cyber-spies were able to infiltrate the
IT systems of U.S. utilities at all. He says he believes that U.S. utility companies, when they first began providing
services many years ago, relied on physical security to protect against
threats.
But evolving systems, connections to the Internet, wireless networks, the
advent of Web 2.0 social networking and other technological developments that
were never anticipated by the systems’ original security architects may have
outpaced the utilities’ efforts to secure their IT infrastructure systems.
Klein says two technologies will be important in protecting against this
threat—firewalls and VPNs.
"But not just your mother’s firewall," Klein says. "It’s really
about the whole notion of UTM services … the whole inspection of everything
that is coming through the pipe."
Opportunities may also exist for those reseller solution providers that can go
in and identify threats that cyber-spies have left behind.
U.S. utilities will also need to establish security
policies, says Klein, addressing issues such as whether employees should be
allowed to access the Internet or use Web 2.0 applications.